lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <6180248b-7ece-4400-a3ac-eda8b7c3959f@kernel.org>
Date: Mon, 17 Mar 2025 09:50:07 +0100
From: Jiri Slaby <jirislaby@...nel.org>
To: feng.wei8@....com.cn, linux-kernel@...r.kernel.org
Cc: masahiroy@...nel.org, linux-kbuild@...r.kernel.org
Subject: Re: [PATCH] kconfig: Replace strncpy() with strscpy()

On 17. 03. 25, 8:22, feng.wei8@....com.cn wrote:
> From: FengWei <feng.wei8@....com.cn>
> 
> supplemented:
> strncpy() is deprecated for NUL-terminated destination buffers. Use
> strscpy() instead and remove the manual NUL-termination.
> 
> Signed-off-by: FengWei <feng.wei8@....com.cn>
> ---
>   scripts/kconfig/confdata.c | 3 +--
>   1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
> index ac95661a1c9d..e547ce003f00 100644
> --- a/scripts/kconfig/confdata.c
> +++ b/scripts/kconfig/confdata.c
> @@ -970,8 +970,7 @@ static int conf_touch_deps(void)
>   	if (depfile_prefix_len + 1 > sizeof(depfile_path))
>   		return -1;
> 
> -	strncpy(depfile_path, name, depfile_prefix_len);
> -	depfile_path[depfile_prefix_len] = 0;
> +	strscpy(depfile_path, name, depfile_prefix_len);

Are you aware this is userspace?

So: do you even compile-test all this?

-- 
js
suse labs


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ